Poking a hornets nest

So I’ve been absent for over a week now from posting, with good reason. One of my clients who still uses Windows caught a nasty virus. Oh how I love viruses. Trojans in particular. Naturally as I was managing the system I ensured that they had adequate virus protection in place, we were running the free version of AVG (cost conscious client), as well as the Spyware Doctor Starter Edition provided by Google Pack for XP.

Our virus protection was good enough to detect the virus, but unfortunately not good enough to just heal it. So after disconnecting the machine from the network I switched over to my MBP to google my way out of the situation. I found out that I was dealing with a generic version of a normal everyday trojan, the type that patches and replaces your windows system files. And generally does lots of nasty stuff.

At first it looked like AVG had the solution and had a specific remover for the file. So off I went, read the instructions, downloaded the file and ran the remover. I rebooted the system. And voila a non-functioning machine. Great. I had to drive over to my house and grab some more specialist software to deal with the problem. After a quick search on trusty google. I figured out that it was probably most likely that I was dealing with a corrupted registry.

Anyway after a couple of hours of running diagnosis software and playing with the Windows terminal via booting by CD. I stumbled upon a great mess, apparently the person before me had left a previous hard-drive installed in the machine with XP installed on, and inadvertently because the primary hard drive was connected via SATA rather than PATA my XP boot disk was ignoring the SATA drive and booting straight into the PATA drive.

So after most of an afternoon wasted. I went back to google to figure out how I might be able to resolve this. The answer came in creating a new boot disk. So I downloaded nLite and set about creating my own custom boot disk. Then to add a little more power to the mix. I installed Ultimate Boot CD and created my own special mix of Windows busting fun.

Unfortunately this sort of work is boring, time consuming and irritating. And it wasn’t until my seventh pass with UBCD’s anti-virus software I was finally sure that I had rid myself of the virus. I spent my time checking the other computer wasn’t infected (fortunately not) and looking for their startup and installation disks, in case I had to do a wipe and re-install. But joy of joy no disks.

I had started on a Friday morning, worked through Saturday and was now looking at having a delightful Monday. I was a bundle of laughs that weekend I can tell you. Though I did have time to conduct a complete re-organisation of the company’s shared files. Fortunately I had moved them off this computer to the wonderful dropbox a couple of weeks earlier. As I waited I gave them structure. No more dumping files in a single folder!

So come Monday. I was left with no choice but to wipe. The tech support on this was going to be too expensive. So I booted up with UBCD and wiped away. Wiped both drives to be sure. I then installed XP on the PATA and allocated the SATA as a backup drive. A much more sensible solution. But with no software CDs I was left with an interesting experiment, what should I buy to replace the software that was lost?

I’ll return to that in a later post, as well as assessing how well the backup routines we had in place to ensure no data was lost performed. Suffice to say I think that this is salutary lesson in why PCs are more expensive than Macs. It’s the IT support silly. At £25 an hour, three days of tech support to restore that PC had been expensive. It might have been cheap to buy but it ended up much a much more expensive purchase than a virus free Mac would have been.

Filed under: GeneralTagged with: , , ,